Techdirt. Stories filed under "subpoenas"Easily digestible tech news...https://www.techdirt.com/
en-usTechdirt. Stories filed under "subpoenas"https://ii.techdirt.com/s/t/i/td-88x31.gifhttps://www.techdirt.com/Mon, 7 Aug 2017 03:32:50 PDTDeputy Attorney General Walks Back Attorney General's Threat To JournalistsTim Cushinghttps://www.techdirt.com/articles/20170806/09063937942/deputy-attorney-general-walks-back-attorney-generals-threat-to-journalists.shtml
https://www.techdirt.com/articles/20170806/09063937942/deputy-attorney-general-walks-back-attorney-generals-threat-to-journalists.shtml
Because this administration rarely seems to agree with itself, another recent pronouncement is being rolled back by someone within the same agency that made statements to the opposite effect only days earlier. Let me explain:

On Friday, Jeff Sessions held a press briefing on national security leaks, stating the DOJ was aggressively pursuing several leak investigations. That these investigations would most likely discourage actual whistleblowers was assumed, but not stated. Sessions didn't directly state he was rolling back previous DOJ policy to start targeting journalists who published leaked documents, but he did say this:

I have listened to career investigators and prosecutors about how to most successfully investigate and prosecute these matters. At their suggestion, one of the things we are doing is reviewing policies affecting media subpoenas. We respect the important role that the press plays and will give them respect, but it is not unlimited. They cannot place lives at risk with impunity. We must balance their role with protecting our national security and the lives of those who serve in our intelligence community, the armed forces, and all law abiding Americans.

This appeared to indicate the DOJ was taking the gloves off and would be going after journalists who refused to reveal their sources. Sessions refused to answer a direct question about the issue before ending the press conference, echoing his non-answer on the same subject during his confirmation hearing.

Speaking to Fox News Sunday, Deputy Attorney General Rod Rosenstein emphasized that the department’s renewed effort to prosecute leaks of classified information was not aimed at the news media.

“We’re after the leakers, not the journalists,” he said. “We don’t prosecute journalists for doing their jobs.“

It's only a partial rollback. Rosenstein wouldn't 100% rule out journalists being charged with crimes if the publication of documents was somehow criminal. (Not sure how often that would actually be the case, but the DOJ has a pretty vivid imagination sometimes.) But it sounds like the DOJ isn't going to start pushing for contempt charges if journalists refuse to turn over info when subpoenaed.

Of course, this could all change again in the next few days. The Trump Administration has been nothing if not schizophrenic, with officials offering contradictory statements and the president's own tweets/statements routinely refuted by department heads, cabinet members, and the government's lawyers.

Permalink | Comments | Email This Story
]]>house-divided-against-itself--FOUR-MORE-YEARS!-FOUR-MORE-YEARS!https://www.techdirt.com/comment_rss.php?sid=20170806/09063937942Fri, 4 Aug 2017 19:39:00 PDTJeff Sessions Suggests He's Steering The DOJ Towards Prosecuting More JournalistsTim Cushinghttps://www.techdirt.com/articles/20170804/14132637927/jeff-sessions-suggests-hes-steering-doj-towards-prosecuting-more-journalists.shtml
https://www.techdirt.com/articles/20170804/14132637927/jeff-sessions-suggests-hes-steering-doj-towards-prosecuting-more-journalists.shtml
Jeff Sessions and the DOJ are back to threatening leakers again. It seems counterproductive, considering each new threat of leak investigations does little to stem the steady flow of leaks. But the new DOJ boss seems ready to go further than his predecessors.

Having already expressed an interest in taking care of Obama's unfinished business by going after Wikileaks, Sessions now appears to be headed towards threatening journalism and the First Amendment itself. This would be a new direction for the Justice Department. A 2013 report by the DOJ stated it was unwilling to consider the punishment of journalists during leak investigations, except as a last resort.

As an initial matter, it bears emphasis that it has been and remains the Department's policy that members of the news media will not be subject to prosecution based solely on newsgathering activities. Furthermore, in light of the importance of the constitutionally protected newsgathering process, the Department views the use of tools to seek evidence from or involving the news media as an extraordinary measure.

Journalists have been subpoenaed before in leak investigations, but the DOJ has generally been unwilling to jail journalists for refusing to hand over information on their sources. Jeff Sessions, however, seems less concerned about using the weight of the law against members of the press.

I have listened to career investigators and prosecutors about how to most successfully investigate and prosecute these matters. At their suggestion, one of the things we are doing is reviewing policies affecting media subpoenas. We respect the important role that the press plays and will give them respect, but it is not unlimited. They cannot place lives at risk with impunity. We must balance their role with protecting our national security and the lives of those who serve in our intelligence community, the armed forces, and all law abiding Americans.

This strongly suggests the 2013 guidelines on "new media" will be rewritten by Sessions' DOJ to justify increased prosecutions of journalists. This is a dangerous step forward, especially in an era where leaks seem to be coming faster than journalists can publish them. Throwing a few journalists in jail for contempt creates a severe chilling effect. Even the enhanced threat of prosecution may be enough to discourage journalists from publishing leaked docs or working with government sources.

Sessions was asked directly if this administration would prosecute journalists. He refused to answer the question before ending the briefing. This would be the second time Sessions has dodged this question -- the first being Sen. Klobluchar's question along the same lines during his confirmation hearing. What better way to send a chilling message to journalists then telling them their freedom might be at stake as they attend a press briefing.

Permalink | Comments | Email This Story
]]>publish-and-diehttps://www.techdirt.com/comment_rss.php?sid=20170804/14132637927Thu, 20 Jul 2017 09:26:47 PDTProsecutors Say Subpoenas Will Be Used For Serious Crimes Against Children, Use Them For Everything ElseTim Cushinghttps://www.techdirt.com/articles/20170718/17181537817/prosecutors-say-subpoenas-will-be-used-serious-crimes-against-children-use-them-everything-else.shtml
https://www.techdirt.com/articles/20170718/17181537817/prosecutors-say-subpoenas-will-be-used-serious-crimes-against-children-use-them-everything-else.shtml
It's always been true: if you give a government agency increased powers for a limited purpose, the limitations and the purpose will soon be shrugged off. The ACLU of Massachusetts is trying to get some prosecutorial power reeled back in, thanks to administrative subpoena mission creep.

When prosecutors first pushed for the power to seize telephone and Internet records themselves, bypassing the need for a judge to approve a warrant, they argued the power was necessary to help them quickly track down missing children and sexual predators.

But records obtained by the American Civil Liberties Union show prosecutors have used that significant subpoena power hundreds of times a year in routine investigations related to larceny, check fraud, assault, and other common crimes.

[...]

In one case cited by the [ACLU], Suffolk District Attorney Daniel F. Conley issued a subpoena in 2011 to find the subscriber information for several Twitter handles and for anyone who used the hashtag #BostonPD after the police removed an Occupy Boston encampment in Dewey Square.

It is the same here as it is with everything else. Stingrays were supposed to be counterterrorism devices, what with them being repurposed war gear. But then it was homicides. Then drug dealers. Then pretty much anyone cops wanted to locate, even if all they'd done was steal $60 of fast food.

The subpoenas discussed here are also administrative. This means prosecutors write the paperwork themselves and run it past no one before serving it to internet service providers and phone companies. They also do this thousands of times a year.

Four other district attorneys disclosed a limited amount of data. But Healey and Middlesex District Attorney Marian T. Ryan turned over a large trove of information that revealed how frequently the subpoenas are used. Ryan’s office said it issued more than 2,400 over the last three years, while Healey’s office said it sent more than 1,200 during the period.

[...]

District Attorney Michael O’Keefe of the Cape and Islands, who issued 450 subpoenas over the last three years...

All for serious crimes, right?

Ryan’s office said the subpoenas were used to investigate crimes ranging from annoying calls and destruction of property to stabbing and rape of a child.

This isn't just irritating the ACLU. It's also irritating legislators who felt they were misled by prosecutors during the push for expanded power. Senator Cynthia Creem says prosecutors said it would be used to tackle crimes against children. Instead, the subpoenas are being used to handle almost any criminal activity. In response to this prosecutorial abuse of a legislated privilege, Creem is now attempting a claw-back.

Creem has filed a bill that would limit the use of administrative subpoenas to certain crimes against children and require prosecutors to report how many subpoenas they issue, the types of investigations involved, and whether they led to charges and convictions. The bill would also require prosecutors, at the close of an investigation, to inform the customers whose telephone and internet logs were seized.

Undoubtedly, this bill will face stiff resistance from prosecutors who've become accustomed to getting everything they want exactly when they want it. It's pretty difficult to convince investigators they don't need this, even though they apparently had no problem closing investigations prior to the law's passage in 2008.

Permalink | Comments | Email This Story
]]>flexible-definitions-and-malleable-purposeshttps://www.techdirt.com/comment_rss.php?sid=20170718/17181537817Thu, 29 Jun 2017 19:27:39 PDTDOJ Asks The Supreme Court To Give It Permission To Search Data Centers Anywhere In The WorldTim Cushinghttps://www.techdirt.com/articles/20170626/05205137665/doj-asks-supreme-court-to-give-it-permission-to-search-data-centers-anywhere-world.shtml
https://www.techdirt.com/articles/20170626/05205137665/doj-asks-supreme-court-to-give-it-permission-to-search-data-centers-anywhere-world.shtml
Having been told "no" twice by the Second Circuit Court of Appeals, the DOJ is asking the Supreme Court to overturn the decision finding Microsoft did not need to hand over communications stored in foreign data centers in response to a US warrant.

The Appeals Court told the DOJ that statutory language simply didn't agree with the premise pushed by the government: that US-issued warrants should allow the law enforcement to dig through "file cabinets" not actually located at the premises (United States) searched. The court noted jurisdictional limitations have always been part of the warrant process (although recent Rule 41 changes somewhat undercut this). That the information sought is digital rather than physical doesn't change this. The court suggested the DOJ take it up with Congress if it doesn't like the status quo. The DOJ has proposed legislation but likely feels a Supreme Court decision in its favor would be a swifter resolution.

The DOJ's 207-page petition [PDF] actually only contains about 30 pages of arguments. The bulk of the petition is made up of previous court decisions and oral argument transcripts covering the DOJ's losses at the lower level. The Table of Contents gets right to the point, utilizing the section header "The panel's decision is wrong" to set the tone for its rehashed arguments.

The DOJ quotes the dissenting judges from the Appeals Court's decision, one of which makes the ever-popular "appeal to 9/11" argument:

Judge Raggi also emphasized the exceptional importance of this case and the “immediate and serious adverse consequences” of the panel’s ruling. “On the panel’s reasoning,” she explained, if the government had been able to show in early September 2001 probable cause to believe that the 9/11 perpetrators “were communicating electronically about an imminent, devastating attack on the United States, and that Microsoft possessed those emails,” a federal court would not have been able to issue a Section 2703 warrant if Microsoft had stored the emails outside the United States, “even though [Microsoft’s] employees would not have had to leave their desks in Redmond, Washington, to retrieve them.”

All well and good, if you like that sort of thing, but the facts of the case are far less dire:

In December 2013, the government applied for a warrant requiring Microsoft to disclose email information for a particular user’s email account. See App., infra, 2a, 8a-10a. The government’s application established probable cause to believe that the account was being used to conduct criminal drug activity.

This is how most arguments for expansions of law enforcement reach and grasp go: talk about how it will be used to stop terrorists; actually use it to hunt down normal criminals.

The petition admits Congress meant for domestic laws to only be applied domestically before arguing certain "applications" of US law should be seen as permissible inversions of Congressional intent. The DOJ argues Microsoft's United States offices should permit worldwide searches of its data centers. Once again, the government's arguments that stored communications are no different than paper files in a file cabinet (made when it wants broadly-written electronic storage searches to be seen as no more intrusive than a residence search) works against it. This interpretation of the Stored Communications Act means any service provider anywhere could be made to hand over documents stored overseas as long as they have a US office where a warrant can be served. This would be the case even if the service provider has no US storage locations and nothing more than a US-based "storefront" for convenience.

Microsoft has already responded with a lengthy blog post. It points out the better way forward is not to have the Supreme Court reinterpret a 30-year-old law, but rather to work with US service providers and Congress to build a better law that addresses the world as it is now.

The litigation path DOJ is now trying to extend in parallel to legislative progress seeks to require the Supreme Court to decide how a law written three decades ago applies to today’s global internet. The previous decision was soundly in our favor, and we’re confident our arguments will be persuasive with the Supreme Court. However, we’d prefer to keep working alongside the DOJ and before Congress on enacting new law, as Judge Lynch suggested, that works for everyone rather than arguing about an outdated law. We think the legislative path is better for the country too.

The post also points out cooperation with foreign law enforcement is a much faster process than has been portrayed by the DOJ, which insists it takes "weeks" to see results of these cooperative efforts. Following the Charlie Hebdo attack, Microsoft was able to turn over US-stored communications to French law enforcement in under an hour.

What the DOJ doesn't seem to understand (or genuinely just doesn't care about) is a decision granting it the power to seize communications from anywhere in the world would result in foreign governments expecting the same treatment when requesting communications stored in the US.

Should people be governed by the laws of their own country? If the decision in our case were reversed, it would subject every person in the world to every other country’s legal process. The email of a person who lives and works in Dublin would be subject to an American warrant issued by a U.S. court just as an American would be subject to an Irish warrant. Our customers tell us they want to be governed by the laws of their own government, and they deserve the certainty of knowing what laws govern their data.

If the Supreme Court decides to grant the DOJ's petition, this won't be argued until the next session, leaving the DOJ plenty of time to work on its legislative proposals. Hopefully, it's actually working with US service providers on this, rather than thinking it's the only stakeholder of importance in the legislative process.

Permalink | Comments | Email This Story
]]>world-is-[potentially]-yourshttps://www.techdirt.com/comment_rss.php?sid=20170626/05205137665Fri, 26 May 2017 10:43:51 PDTHelping Platforms Protect Speech By Avoiding Bogus SubpoenasCathy Gellishttps://www.techdirt.com/articles/20170523/16473937440/helping-platforms-protect-speech-avoiding-bogus-subpoenas.shtml
https://www.techdirt.com/articles/20170523/16473937440/helping-platforms-protect-speech-avoiding-bogus-subpoenas.shtml
We often talk about how protecting online speech requires protecting platforms, like with Section 230 immunity and the safe harbors of the DMCA. But these statutory shields are not the only way law needs to protect platforms in order to make sure the speech they carry is also protected.

Earlier this month, I helped Techdirt's think tank arm, the Copia Institute, file an amicus brief in support of Yelp in a case called Montagna v. Nunis. Like many platforms, Yelp lets people post content anonymously. Often people are only willing to speak when they can do so without revealing who they are (note how many people participate in the comments here without revealing their real names), which is why the right to speak anonymously has been found to be part and parcel of the First Amendment right of free speech . It's also why sites like Yelp let users post anonymously, because often that's the only way they will feel comfortable posting reviews candid enough to be useful to those who depend on sites like Yelp to help them make informed decisions.

But as we also see, people who don't like the things said about them often try to attack their critics, and one way they do this is by trying to strip these speakers of their anonymity. True, sometimes online speech can cross the line and actually be defamatory, in which case being able to discover the identity of the speaker is important. This case in no way prevents legitimately aggrieved plaintiffs from using subpoenas to discover the identity of those whose unlawful speech has injured them to sue them for relief. Unfortunately, however, it is not just people with legitimate claims who are sending subpoenas; in many instances they are being sent by people objecting to speech that is perfectly legal, and that's a problem. Unmasking the speakers behind protected speech not only violates their First Amendment rights to speak anonymously but it also chills the speech the First Amendment is designed to foster generally by making the critical anonymity protection that plenty of legal speech depends on suddenly illusory.

There is a lot that can and should be done to close off this vector of attack on free speech. One important measure is to make sure platforms are able to resist the subpoenas they get demanding they turn over whatever identifying information they have. There are practical reasons why they can't always fight them -- for instance, like DMCA takedown notices, they may simply get too many -- but it is generally in their interest to try to resist illegitimate subpoenas targeting the protected speech posted anonymously on their platforms so that their users will not be scared away from speaking on their sites.

But when Yelp tried to resist the subpoena connected with this case, the court refused to let them stand in to defend the user's speech interest. Worse, it sanctioned(!) Yelp for even trying, thus making platforms' efforts to stand up for their users even more risky and expensive than they already are.

So Yelp appealed, and we filed an amicus brief supporting their effort. Fortunately, earlier this year Glassdoor won an important California State appellate ruling that validated attempts by platforms to quash subpoenas on behalf of their users. That decision discussed why the First Amendment and California State Constitution required platforms to have this ability to quash subpoenas targeting protected speech, and hopefully this particular appeals court will agree with its sister court and make clear that platforms are allowed to fight off subpoenas like this. As we pointed out in our brief, both state and federal law and policy require online speech to be protected, and preventing platforms from resisting subpoenas is out of step with those stated policy goals and constitutional requirements.

Permalink | Comments | Email This Story
]]>it's-importanthttps://www.techdirt.com/comment_rss.php?sid=20170523/16473937440Wed, 17 May 2017 10:42:00 PDTDA's Office Facing Multiple Lawsuits Related To Its Use Of Fake Subpoenas To Intimidate WitnessesTim Cushinghttps://www.techdirt.com/articles/20170517/09320337392/das-office-facing-multiple-lawsuits-related-to-use-fake-subpoenas-to-intimidate-witnesses.shtml
https://www.techdirt.com/articles/20170517/09320337392/das-office-facing-multiple-lawsuits-related-to-use-fake-subpoenas-to-intimidate-witnesses.shtml
The Louisiana district attorney whose office issued bogus subpoenas to trick witnesses into "volunteering" their testimony is now facing multiple lawsuits. DA Leon Cannizzaro's office was sued on May 12th by the Roderick and Solange MacArthur Justice Foundation for its refusal to turn over copies of every fake subpoena it has issued.

The MacArthur suit seeks copies of every subpoena issued by the DA's office since 2013 -- those properly authorized by a judge, as well as the fraudulent "DA's subpoenas" intended to appear as if they carried legal weight.

The ACLU suit seeks the names and Louisiana Bar Association numbers of any attorney in Cannizzaro's office responsible for using one of the fake documents. An attorney who knowingly used a fraudulent document to compel witness testimony could be subject to penalties ranging from ethical misconduct sanctions by the Louisiana Attorney Disciplinary Board to the unlikely extreme of criminal charges brought by the state Attorney General's office related to forgery.

So far, Cannizzaro's office has no comment on the lawsuits (other than to say it hasn't been served with either suit yet). The only comment Cannizzaro's office has made is that the practice predates his tenure, as if that somehow excuses the ethical and (possibly) legal boundaries his office crossed. As a deflection, it's horrible. It's like claiming you still approve general warrants because your British predecessors did.

I'm sure DA Cannizzaro has several reasons for not immediately handing over these documents, all of them related to mitigating the damage done by these revelations. There may be a day of judicial reckoning ahead for Cannizzaro and his underlings, and the longer he can keep these documents out of the public's hands, the longer it will be until he can be confronted with the evidence.

Cannizzaro's office now has multiple opportunities to see what it feels like to be a defendant, and most likely will be the recipient of genuine subpoenas demanding compliance under the pain of actual jailing. Process servers will now have to navigate groups of protesters calling for Cannizzaro's removal just to hand him copies of these lawsuits. And all of this could have been avoided by Cannizzaro, if he had just decided against carrying on the unethical "tradition" of intimidating possible witnesses with fake subpoenas and bogus legal threats.

Permalink | Comments | Email This Story
]]>apparently-ethical-violations-are-just-part-of-the-office's-'traditions&https://www.techdirt.com/comment_rss.php?sid=20170517/09320337392Mon, 12 Dec 2016 08:31:00 PSTIf You're Worried About What President Trump Can Do To The Press, Blame President ObamaMike Masnickhttps://www.techdirt.com/articles/20161211/22175836252/if-youre-worried-about-what-president-trump-can-do-to-press-blame-president-obama.shtml
https://www.techdirt.com/articles/20161211/22175836252/if-youre-worried-about-what-president-trump-can-do-to-press-blame-president-obama.shtmlthreatening them with bogus defamation claims that rarely seem to turn into actual lawsuits. Trump famously promised to "open up" the libel laws if he became President, though there really isn't that much he can do on that issue directly.

But, as a story at Politco is noting, it's probably not libel laws that reporters should be worried about: it's things like the Espionage Act and bogus intrusive investigations of reporters by the DOJ. And, really, while the report only mentions this in passing, if a President Trump goes down that route, it'll be because he's picking up on the trend created by his predecessor, President Obama. As we've noted, President Obama has used the Espionage Act against more whistleblowers than all other Presidents in history combined. In fact, he used it more than twice as many times as all others combined. Think about that.

During the Obama administration, the Justice Department brought more criminal charges under the Espionage Act—a vague 1917 law that makes it illegal to share information related to national security—than it had under all previous presidents combined. It used the Espionage Act seven times against government employees who spoke to reporters. If Trump continues to aggressively prosecute reporters’ sources, it will make it much tougher for journalists to report on the government.

“What is very true is that an increase in prosecution of leakers and leak investigations has a huge chilling effect on the ability to report important information about what the government is up to,” said Laura Handman, a partner at Davis Wright Tremaine who specializes in media and First Amendment law.

This could be especially damaging to journalists because confidential sources and government leakers are likely to be the best source of exposing potential wrongdoing in Trump’s government.

And that's not the only intimidating tip that a President Trump could pick up from President Obama:

Trump’s Justice Department could also ask for more federal grand jury subpoenas against reporters who rely on confidential sources to report on government activities.

This is another tactic that the Obama administration has used. New York Times reporter James Risen was nearly held in contempt of court and thrown in jail when he refused to identify one of his sources, who was being prosecuted under the Espionage Act.

The Trump administration could even try to use the Espionage Act to bring criminal charges against journalists, according to First Amendment experts.

“There are sections of the Espionage Act which have now been used, under President Obama, against leakers which could be used against those who publish information obtained from those leakers,” Abrams said.

The article also talks about the infamous and ridiculous case of James Rosen, a Fox News reporter that the Obama administration came mighty close to using the Espionage Act on, calling Rosen a "co-conspirator" in the leaking of confidential information. Then Attorney General Eric Holder later admitted he regretted this decision, but it was pretty difficult to take seriously.

Here at Techdirt we called out the Obama administration many, many times on these highly questionable tactics, intimidating and threatening whistleblowers and journalists alike. And people told us we were overreacting. Somehow, I get the feeling that those who opposed Trump in the election will suddenly have a change of heart over these practices. If Trump goes down that road, those who are upset should be blaming President Obama and his Justice Department for leading the way.

Permalink | Comments | Email This Story
]]>look at that roadmaphttps://www.techdirt.com/comment_rss.php?sid=20161211/22175836252Mon, 11 Apr 2016 08:31:00 PDTAppeals Court Says Google Must Take Further Abuse From AG Jim Hood Before It Can Challenge Hood's Abusive BehaviorTim Cushinghttps://www.techdirt.com/articles/20160409/09181234135/appeals-court-says-google-must-take-further-abuse-ag-jim-hood-before-it-can-challenge-hoods-abusive-behavior.shtml
https://www.techdirt.com/articles/20160409/09181234135/appeals-court-says-google-must-take-further-abuse-ag-jim-hood-before-it-can-challenge-hoods-abusive-behavior.shtml
Towards the end of 2014, Google filed for an injunction against Mississippi Attorney General Jim Hood, whose close ties with the MPAA had led to a sustained campaign of harassment over Google's supposed lack of interest in policing the entire internet for infringing material.

Early in 2015, the district court granted Google's requested injunction against Hood's 79-page subpoena, which the court noted was a "burdensome fishing expedition" that went beyond the bounds of what a state AG could actually demand. Not only that, but the court noted that many of Hood's actions were blocked by Section 230 of the CDA because the content in question had been uploaded by third parties.

Unfortunately for Google, the Fifth Circuit Appeals Court has reversed the lower court's decision and vacated the injunction. It's being portrayed as a victory for the MPAA and its kept man, Jim Hood, but those actually reading the decision will find the reversal is just procedural. TL; DR: Google must face additional legal harassment from Jim Hood before it can challenge said legal harassment in a federal court.

We conclude that the district court erred in granting injunctive relief because neither the issuance of the non-self-executing administrative subpoena nor the possibility of some future enforcement action created an imminent threat of irreparable injury ripe for adjudication.

The decision also notes that it is passing no judgment on Hood's subpoena nor his other actions against Google.

We express no opinion on the reasonableness of the subpoena or on whether the conduct discussed in the parties’ briefs could be held actionable consistent with federal law.

Which works out in Hood's favor, as a great deal of the opening of the opinion details the many, many actions Google undertakes to address online piracy -- including its swift responsiveness to Hood's increasingly ridiculous demands. [emphasis added]

Google has made some changes in response to Hood’s investigation. It created a “trusted flag” mechanism through which Google promptly reviewed videos Hood’s office complained about. After being trained on that tool, Hood’s office flagged seven videos, six of which Google quickly took down. When asked by the district court, Hood’s counsel could not identify any investigatory efforts related to the videos his office flagged. His office has nevertheless asked that Google immediately remove flagged videos pending review and “consider implementing a more comprehensive content evaluation process.”

As for the broad subpoena the company is challenging, Google has already turned over 100,000 pages of documents in response. These documents showed the content targeted by Hood's office (but not, notably, by any investigation) was generated by third parties. This still wasn't enough for Hood, who refused to narrow the scope of the subpoena -- leading directly to Google's injunction request and the district court's grant of this request.

The Appeals Court -- while reversing the injunction -- notes that Hood's actions against Google do present possible First Amendment issues, but nothing about the actions taken by both parties to date brings it to the level where it feels it can uphold Google's request. The court similarly finds Hood's attempt to force the federal court system to resolve this (in his favor) by denying Google the right to bring its challenge of his actions to a federal court -- either at this point or at any point in the future.

We first reject Hood’s contention that we can resolve this case on the simple ground that the district court lacked federal-question jurisdiction. Federal courts have jurisdiction over “all civil actions arising under the Constitution, laws, or treaties of the United States.” 28 U.S.C. § 1331. We apply the “well-pleaded complaint rule” to determine whether a suit arises under federal law, asking “whether the plaintiff has affirmatively alleged a federal claim.” New Orleans & Gulf Coast Ry. Co. v. Barrois, 533 F.3d 321, 328 (5th Cir. 2008). As a corollary, “anticipated or potential defenses, including defenses based on federal preemption, do not provide a basis for federal question jurisdiction.” Id. Here, Google brings four claims under 42 U.S.C. § 1983 alleging violations of the United States Constitution and federal statutory law. This satisfies the well-pleaded complaint rule.

In the end, it boils down to Hood having to make some forward progress in his "investigation." As it stands now, Google is on the receiving end of an incredibly broad subpoena and has complied with portions of it. It has challenged the subpoena based on anticipated actions by Hood in the future if it fails to comply with all aspects of it, but Hood has not moved forward with any punitive actions as of yet. Until he does, the court is unable to support an injunction against Hood.

The statute under which this administrative subpoena was issued gives Hood no authority to enforce it; instead, if the recipient refuses to comply, the Attorney General “may, after notice, apply” to certain state courts “and, after hearing thereon, request an order” granting injunctive or other relief and enforceable through contempt.

[...]

Hood has not brought an enforcement action. And Google does not contest Hood’s assertions that it could raise its objections to the administrative subpoena if Hood ever brings an enforcement proceeding. The only real difference is that we have before us a state, not federal, subpoena. But we see no reason why a state’s non-self-executing subpoena should be ripe for review when a federal equivalent would not be. If anything, comity should make us less willing to intervene when there is no current consequence for resisting the subpoena and the same challenges raised in the federal suit could be litigated in state court.

In this as in any context, equitable relief is only appropriate when necessary to avoid an imminent irreparable injury. Because the administrative subpoena is not ripe for review, we hold that the district court should have rejected Google’s pre-enforcement challenge.

This ruling means Hood has to make the next move. Until he does, Google cannot seek an injunction as it cannot claim imminent irreparable injury when all Hood has done to this point is be an officious pain in the ass. If he seeks legal recourse for Google's failure to comply, Google can challenge the act with an injunction. Until then, both parties can do little more than glare at each other angrily. The MPAA thinks this is a win. It's not even a tie, and the court's depiction of the events leading up to the failed injunction request are hardly favorable to Jim Hood.

Permalink | Comments | Email This Story
]]>you must get fucked a little longer before we can examine complaints of chafinghttps://www.techdirt.com/comment_rss.php?sid=20160409/09181234135Fri, 2 Oct 2015 12:50:05 PDTMalibu Media Copyright Troll Wakes The Beast In Trying To Push Verizon AroundMike Masnickhttps://www.techdirt.com/articles/20151001/17310432417/malibu-media-copyright-troll-wakes-beast-trying-to-push-verizon-around.shtml
https://www.techdirt.com/articles/20151001/17310432417/malibu-media-copyright-troll-wakes-beast-trying-to-push-verizon-around.shtmldoes have a strong history of protecting its users against crazy copyright trolling and other forms of attacks. Verizon led the way in fighting back against the RIAA when it started demanding Verizon hand over information on tons of customers before any lawsuits were filed. Verizon won. Without this big victory, the copyright trolling situation today would be much, much worse. Verizon has also been known to be on the side of good when the RIAA and MPAA push for extreme changes to copyright laws as well. So it's no surprise that it's now entering a key case in the US's biggest copyright troll, Malibu Media.

In a case before Judge Katherine Forrest in the Southern District of NY, things have not been going that well for Malibu Media. And, this may be surprising to some, given prior to becoming a judge, Forrest was one of the RIAA's lawyers in copyright lawsuits over online infringement. Yes, really.

As per usual, the FightCopyrightTrolls site has been doing a great job keeping tabs on this case, which started getting attention a month ago when the lawyers representing the (still anonymous) John Doe defendant called Judge Forrest's attention to Malibu Media's latest nasty shakedown trick. Earlier in the case, Malibu Media was granted discovery of the Doe's computers and couldn't find any evidence of the Malibu Media/Xart material. But rather than drop the case, Malibu Media's legal team did the standard trick of subtly threatening to embarrass/harass the Doe if he didn't pay up, by putting him through a litany of irrelevant questions designed to find out other people who know the Doe who Malibu Media might go after:

During the deposition, Malibu’s counsel propounded a morass of irrelevant questions
concerning, inter alia, Doe’s educational background (including factual and technical details
about the courses Doe studied), the identity and location of Doe’s family members, the identity
and location of Doe’s employers years before the relevant period herein (including factual and
technical details about Doe’s job roles and responsibilities), the location of Doe’s residences
years before the relevant period herein, the existence of Doe’s resume/CV, identity and location
of persons in Doe’s personal and social life. Indeed, Doe answered questions about two decades’
worth of his life. This line of questioning lasted for more than 2.5 hours. Doe’s testimony in
response to these questions is not relevant or material to Malibu’s single cause of action for
direct copyright infringement or any of Doe’s defenses.

[....]

Dissatisfied with the lack of evidence of infringement and existence of testimony denying
same, Malibu’s counsel falsely accused Doe of destroying evidence and reiterated her intention
to depose Doe’s significant other (wrongly identified by Malibu as Doe’s wife). In person, at the
deposition, the undersigned reiterated Doe’s objection to producing Doe’s significant other and
indicated that no evidence exists as to infringement by Doe, such that testimony from any other
person concerning same has no probative value and would be pursued only for purposes of
harassment. Malibu’s counsel reiterated Malibu’s intention to depose Doe’s significant other
and potentially other parties.

[....]
While Doe is cognizant of Malibu’s ostensible desire to conduct thorough discovery, it
has become apparent that, in the absence of any evidence of infringement on Doe’s part, Malibu
is conducting a fishing expedition and campaign of harassment by threatening to depose nonparty
witnesses on irrelevant topics and to continue to depose Doe on same. In so doing, Malibu
is attempting to prevent ultimate resolution in this matter by creating the false sense that
evidence of infringement or wrongdoing exists.

Protective order granted. Plaintiff may not subpoena neighbors or Defendant’s significant other based on the current record. As to the neighbors, Plaintiff would be engaged in a fishing expedition and/or harassment of defendant (by way of causing embarrassment/humiliation).

The issue in this is [sic] case is did this defendant download Plaintiff’s works — not anyone living in the apartments nearby.

As to Defendant’s significant other, the Court has read the transcript of the deposition. The testimony is that any use of this woman was on Defendant’s computer. There is no evidence that the computer has or had any of Plaintiff’s copyrighted works that I can see — thus, whether the girlfriend used the computer is irrelevant.

Malibu Media is not happy about this. It is both continuing to push the issue by arguing that the Doe should be "sanctioned" for "perjury" because its "computer forensic examiner has discovered that Defendant used military grade computer wiping software to delete material evidence from his hard drive" and it has asked to subpoena Verizon to try to continue its fishing expedition.

Here, Plaintiff has not demonstrated “good cause” for extending the discovery cut-off. Its
subpoena suffers from multiple defects. It was served on the eve of the discovery cut-off
without affording Verizon any meaningful opportunity to investigate the alleged facts. The
subpoena was issued from this district but served in Texas and purports to command the
appearance of Verizon’s representatives—who reside in or near Arlington, Virginia—to
testify on six days’ notice in Texas, i.e., outside the 100-mile radius for commanding
testimony of a witness.... And, the subpoena seeks
information far beyond that contemplated by the Cable Communications Policy Act (“Cable
Act”) as discoverable from an ISP — i.e., more than the name and address of the subscriber
associated with an IP address, which Verizon already provided in response to an earlier
subpoena in this action. Verizon objected in writing to the current subpoena within six days
of service, yet Plaintiff has made no real attempt to address those objections.

At bottom, Malibu Media’s subpoenas impose a significant, cumulative burden on Verizon,
while “us[ing] the offices of the Court as an inexpensive means to gain the Doe defendants’
personal information and to coerce payment from them.” K-Beech, Inc. v. Does, 2011 U.S.
...; see also Northwestern Mem’l Hosp. v.
Ashcroft,... (rejecting argument that a subpoena causes no
undue burden merely because “the administrative hardship of compliance would be modest,”
but considering instead “the rash of suits around the country” and the publicity generated).
Given the defects in the subpoena and other problems addressed herein, Verizon respectfully
submits that Plaintiff’s request for relief should be rejected.

Many people have wondered why Malibu Media/Xart have not yet faced the same sort of crackdown as Team Prenda, and it seems likely that it's only a matter of time, and the right case -- with the right judge. Getting a big ISP involved in a case seems like the kind of thing that could finally tip the scales -- as it did in one of the key Prenda cases as well.

Permalink | Comments | Email This Story
]]>not-a-good-ideahttps://www.techdirt.com/comment_rss.php?sid=20151001/17310432417Thu, 20 Aug 2015 23:04:00 PDTDOJ Issues First Annual Media Subpoena ReportTim Cushinghttps://www.techdirt.com/articles/20150820/07283832013/doj-issues-first-annual-media-subpoena-report.shtml
https://www.techdirt.com/articles/20150820/07283832013/doj-issues-first-annual-media-subpoena-report.shtml
The DOJ has released its inaugural report on use of subpoenas to obtain information from "media sources." This is part of former Attorney General Eric Holder's nod to transparency -- a nod he gave shortly before leaving office. We'll have to watch this space in 2016 to see if it will actually become an "annual" report. (And if it is, we'll also have to watch this space to see if Reason and Popehat are considered by the DOJ to be "media sources" after tangling with both over the discussion of federal judges and woodchippers.)

That being said, there's some interesting information in here, including the DOJ's hassling of the New York Times.

In connection with the trial of former CIA officer Jeffrey Sterling, who was charged with, and convicted of, offenses related to his unauthorized disclosure of national security information, the Attorney General authorized the Criminal Division and the USAO for the Eastern District of Virginia to issue a subpoena to New York Times reporter James Risen. The authorization was limited to eliciting testimony at trial and/or pretrial hearings confirming (1) that Risen has a confidentiality agreement with a particular source, (2) that Risen authored a particular chapter in his book State of War, (3) that statements attributed to an unnamed source were, in fact, made by an unnamed source, (4) that statements attributed to an identified source were, in fact, made by an identified source, and (5) the existence of a prior non-confidential reporter-source relationship with Sterling.

[...]

The subpoena was issued, and Risen testified at a pretrial hearing. He was not called to testify at trial.

That last sentence is particularly interesting as it pretty much glosses over the DOJ's about face on Risen's testimony. It pushed hard to force Risen to testify in hopes of getting him to reveal his confidential source. Risen did testify (pre-trial) but refused to disclose his source's identity. The DOJ then decided that if it wasn't able to get what it wanted from him, then neither should anyone else. It moved to declare Risen an "unavailable witness," in hopes of blocking the defense from using any testimony he would provide against the government. In the DOJ's retelling of the event, its fruitless struggle to obtain information and its subsequent attempt to block further testimony from Risen is reduced to a very short and very neutral sentence: "He was not called to testify."

Of additonal bemusement is the DOJ's interest in determining whether Risen's "unnamed source" was actually an "unnamed source." It appears the government believes it should be the sole provider of "unnamed sources," and then only when such statements deliver the government's unofficial official positions.

The DOJ also tried to compel an unnamed "television news producer" to testify on inflammatory statements made to him by convicted terrorist Khalid al Fawwaz. Although the "transparency" report doesn't name the source targeted by the subpoena, the information the DOJ remains coy about is already in the public domain, as Britain Eakin of Courthouse News Service points out.

Media reports last year identified the witness in question as "60 Minutes" news producer Richard Bonin.

The DOJ says it wanted the producer to testify about anti-American and anti-Semitic statements al-Fawwaz made to him, but that prosecutors ultimately decided not to issue the subpoena when the producer said he would contest it.

Other items listed are more run-of-the-mill, including the subpoenaing of media footage of the 2013 Boston Marathon finish line, as well as other footage/recordings of interest to criminal prosecutions. Subpoenas were also issued to media entities to obtain information related to the DOJ's investigation of these entities for antitrust violations and a "tax-related prosecution."

The government's insatiable desire for redundancy is also on display in the three-page report.

In connection with the prosecution of Roger Key for conspiracy to commit murder-for-hire, attempted murder-for-hire, and aiding and abetting the unlawful discharge of a firearm. the United States Attorney for the Southern District of New York authorized the issuance of a subpoena to a news media entity for the broadcast footage of, and script for, a report concerning a related murder. The news media entity expressly agreed to provide the requested recordings in response to a subpoena.

So far, so good. But...

Ultimately, the news media entity failed to respond to the subpoena.

That sucks, except…

[W]hile the subpoena was pending, the USAO negotiated with the defense a stipulation regarding the admissibility of the publicly broadcast report.

Yes, the DOJ subpoenaed a publicly-broadcast news report. I would guess the media entity decided not to respond because the information sought was already publicly available. The DOJ's move to obtain a stipulation while the subpoena was still pending suggests someone involved realized this paperwork was unnecessary to achieve its aims.

The report may be brief, light on specifics (some of it due to ongoing prosecutions) and occasionally needlessly opaque (not identifying Robert Bonin, etc.), but it does retain one distinct advantage over all previous DOJ subpoena reports: this one actually exists! Here's to next year's annual report, which will hopefully give us a look at the DOJ's investigation of comment thread bombast and hyperbole.

Permalink | Comments | Email This Story
]]>freedom-of-the-press?https://www.techdirt.com/comment_rss.php?sid=20150820/07283832013Thu, 4 Jun 2015 04:15:06 PDTHouse Overwehelmingly Passes Amendments Blocking Funding For Undermining EncryptionMike Masnickhttps://www.techdirt.com/articles/20150603/17332431213/house-overwehelmingly-passes-amendments-blocking-funding-undermining-encryption.shtml
https://www.techdirt.com/articles/20150603/17332431213/house-overwehelmingly-passes-amendments-blocking-funding-undermining-encryption.shtmlsmall first step in the long road to real surveillance reform. On Wednesday, the House took another small step, voting overwhelmingly in favor of an amendment to an appropriations bill put forth by Rep. Thomas Massie that blocks funding to the National Institute of Science and Technology (NIST) for working with the NSA or CIA to undermine or backdoor encryption. This appears to be quite similar to part of the similar amendment last year that banned both this kind of NIST coordination, but also the NSA's use of backdoor searches under Section 702. As far as I can tell, this new amendment does not include that latter bit. Either way, this amendment passed 383 to 43.

It appears that another amendment, put forth by Rep. Ted Poe also passed by voice vote and it would block the use of funds from the DOJ/FBI from being used "to mandate or request that a person alter the product or service of the person to permit electronic surveillance of any user or service" except in cases required under existing wiretapping law.

Both of these are very big deals, and the fact that they passed so easily suggests that the House is nowhere near done on pushing for real surveillance reform. Of course, whether or not these actually go anywhere is another story. As you may recall, after passing overwhelmingly last year, under pressure to get a big omnibus bill done at the end of the year, the House leadership agreed to drop those provisions under pressure from the intelligence community.

Also, one other interesting amendment also appears to have passed easily by voice vote, which is an amendment put forth by Jared Polis, and would make it clear that the DEA cannot do bulk collection under its subpoena authority. As was detailed a few weeks ago, for many years, the DEA had been using this authority to collect tons of phone records, and the program only ended once the administration realized that the claims it was using in support of the NSA's bulk collection didn't apply to the DEA's collection, and thus they couldn't really continue it. Polis's amendment means that this particular loophole is closed for good (not that others might still be open...).

Again, all three of these may not survive all the way into law, but it does show that there's still a very strong interest in the House to continue pushing back against surveillance abuse.

Permalink | Comments | Email This Story
]]>closing-the-backdoorhttps://www.techdirt.com/comment_rss.php?sid=20150603/17332431213Tue, 26 May 2015 11:47:17 PDTCox Claims Rightscorp's 'Extortionate' Lawsuit Really A Backdoor Way To Get Subscribers' InfoTim Cushinghttps://www.techdirt.com/articles/20150525/12523631096/cox-claims-rightscorps-extortionate-lawsuit-really-backdoor-way-to-get-subscribers-info.shtml
https://www.techdirt.com/articles/20150525/12523631096/cox-claims-rightscorps-extortionate-lawsuit-really-backdoor-way-to-get-subscribers-info.shtmlRightscorp (via two music publishers) has dragged Cox into court to test its novel (read: legally unsound) theory that complying with the DMCA means cutting off service to "repeat infringers." The theory itself is largely untested, but far from promising. But that isn't stopping BMG and Round Hill Music (with Rightscorp as a not-so-silent partner) from taking a flyer on a bad legal bet. Certainly, the theory would be advantageous to the shakedown efforts Rightscorp generously refers to as a "business model," but, so far, the only thing being offered as "evidence" of repeat infringement is Rightscorp's own declarations.

Those declarations are highly suspect. Cox has filed an opposition to Rightscorp's Motion to Compel that highlights the anti-piracy company's extortion-esque tactics.

“Rightscorp is in the business of threatening Internet users on behalf of copyright owners. Rightscorp specifically threatens subscribers of ISPs with loss of their Internet service — a punishment that is not within Rightscorp’s control — unless the subscribers pay a settlement demand,” Cox writes (pdf).

Cox has refused to participate in Rightscorp's quasi-legal activities. While the company is not opposed to passing on infringement allegations, it did ask Rightscorp to remove the threatening language (cutting off service, $150,000 per infringement claim) first. Rightscorp refused to do so. This impasse is obviously unacceptable to Rightscorp, which depends on the (very) occasional settlement payment to keep its business barely afloat.

As Cox points out, Rightscorp has decided the best course of action is to maintain its unsteady perch on the edge of legality. In the filing, Cox alleges that Rightscorp tried to make the ISP a "business partner" in its shakedown attempts.

“Rightscorp had a history of interactions with Cox in which Rightscorp offered Cox a share of the settlement revenue stream in return for Cox’s cooperation in transmitting extortionate letters to Cox’s customers. Cox rebuffed Rightscorp’s approach,” Cox informs the court.

But that's not the only legally-dubious tactic the "cutting edge" anti-piracy firm has deployed. It's also attempting to use this lawsuit's discovery process to sidestep subpoena limitations.

The motion lays bare one of Plaintiffs’ primary reasons for bringing this lawsuit. Plaintiffs seek to circumvent the Cable Privacy Act process and instead use discovery in this case to force Cox to reveal, en masse, PII for possibly tens of thousands of Internet subscribers who Plaintiffs speculate might be violating their copyrights. The Cable Privacy Act expressly prohibits Cox from disclosing its subscribers’ PII, for good reason: Internet subscribers have a compelling privacy interest in the confidentiality of their personal information, which can of course be vulnerable to exploitation for myriad improper purposes. If a copyright holder earnestly believes that an unnamed Internet subscriber is infringing upon its copyrights, the proper course is to bring a “John Doe” lawsuit against the subscriber and then to use third-party subpoena power to obtain identifying information from the user’s Internet Service Provider. That legitimate procedure allows notice to the subscriber and an opportunity for the subscriber to act to protect his or her rights. It also relieves the ISP of the unfair responsibility of adjudicating which of the two competing interests (the subscriber’s or the accuser’s) should trump the other.

[...]

Plaintiffs nominally (Rightscorp in reality) claim to have identified “approximately 150,000” infringers, including several hundred “egregious infringers,” among Cox’s subscribers. But Plaintiffs apparently have only IP addresses to go on. (Doc. 72, Corrected Br. at 3.) Plaintiffs have not filed any “John Doe” lawsuits against Cox customers and have not sought information from Cox by subpoena. More importantly, Plaintiffs do not seek, and have not sought, leave to add “John Doe” defendants in this case.

[...]

The practical dynamics of this motion are suspect: If there are 150,000 infringers among Cox subscribers, as Plaintiffs claim, why would they limit themselves (at least for now) to just 500 “egregious infringers”? Will Plaintiffs seek to depose or serve Rule 45 subpoenas on those 500? Will Plaintiffs now seek to add those 500 as co-defendants? Why do Plaintiffs want a blank-check “open order” to continually demand that Cox reveal more identities at later stages in this action? When tested in practical terms, Plaintiffs’ motion makes no sense, and their arguments plainly are an obvious pretext for some other motive.

"Pretext for some other motive" basically describes the entirety of Rightscorp's business model. It subpoenas ISPs for subscriber info, under the unspoken pretext that further legal action is in the offing. But instead of suing file sharers, the company instead uses the information to harass subscribers into paying "settlements" for alleged infringement.

Despite the damning claims made by Cox, the court has partially granted the questionable Motion to Compel. The ISP has been ordered to turn over the "Top 250 IP Addresses recorded to have infringed in the six months prior to filing the Complaint." This distinction is important, because as Cox points out in its opposing motion, the plaintiffs' constantly-widening net had managed to drag in alleged infringers whose infringement didn't occur until after the lawsuit was filed.

Plaintiffs’ stated justifications for their extraordinary request do not help Plaintiffs’ cause. Plaintiffs acknowledge that they “must establish direct infringement of the copyrighted works asserted in this case,” and imply that their motion serves that end. (Doc. 72, Corrected Br. at 4.) But that implication is illogical because Plaintiffs seek PII for 500 subscribers of the 150,000 supposedly implicated here. Surely Plaintiffs are not prepared to concede that their claims fail for the works that the other 149,500 subscribers allegedly infringed. Notably, of the 500 allegedly “egregious infringers” the Plaintiffs hand-picked, 250 allegedly infringed after this lawsuit was filed. (Doc. 72, Corrected Br. at 4.) Those subscribers’ alleged infringements, therefore, cannot have formed a basis for Plaintiffs’ claims in this suit. And nowhere do Plaintiffs even assert that Rightscorp sent purported DMCA notices to Cox with respect to those particular subscribers.

Cox has come out swinging in the early going, and its assertions confirm much of what has been written about Rightscorp and its tactics. This aggressive stance should help uncover plenty of damning details, none of which should have a positive effect on Rightscorp's shriveling stock price.

Permalink | Comments | Email This Story
]]>cox-blockedhttps://www.techdirt.com/comment_rss.php?sid=20150525/12523631096Fri, 17 Apr 2015 19:39:00 PDTSEC Boss Can't Keep Her Story Straight On Whether Or Not SEC Snoops Through Your Emails Without A WarrantMike Masnickhttps://www.techdirt.com/articles/20150415/17062430669/sec-boss-cant-keep-her-story-straight-whether-not-sec-snoops-through-your-emails-without-warrant.shtml
https://www.techdirt.com/articles/20150415/17062430669/sec-boss-cant-keep-her-story-straight-whether-not-sec-snoops-through-your-emails-without-warrant.shtmlECPA reform. ECPA is the Electronic Communications Privacy Act, written in the mid-1980s, which has some frankly bizarre definitions and rules concerning the privacy of electronic information. There are a lot of weird ones but the one we talk about most is that ECPA defines electronic communications that have been on a server for 180 days or more as "abandoned," allowing them to be examined without a warrant and without probable cause as required under the 4th Amendment. That may have made sense in the 1980s when electronic communications tended to be downloaded to local machines (and deleted), but make little sense in an era of cloud computing when the majority of people store their email forever on servers. For the past few years, Congress has proposed reforming ECPA to require an actual warrant for such emails, and there's tremendous Congressional support for this.

And yet... it never seems to pass. The story that we keep hearing is that two government agencies in particular really like ECPA's outdated system: the IRS and the SEC. Since both only have administrative subpoena power, and not the ability to issue warrants like law enforcement, the lower standards of ECPA make it much easier for them to snoop through your emails without having to show probable cause. Last year, in a Congressional hearing, the SEC's boss, Mary Jo White, was questioned about this by Congressman Kevin Yoder, who has been leading the charge on ECPA reform. As we reported at the time, in the conversation, White clearly said that the SEC needed this ability or it would lose "critical" information in its investigations. You can see the conversation from 2014 below, where White (starting around 2:30) explains how vital this process is to the SEC:

Here's the key line:

"What concerns me, as the head of a... law enforcement agency, is that we not put out of reach of lawful process... what is often, sometimes the only, but critical evidence of a serious securities fraud.... And we use that authority quite judiciously, but it's extremely important to law enforcement."

What struck us as interesting last year was White admitting that the SEC appeared to regularly use this process, since she noted that it was "extremely important" and provided "critical evidence."

Fast forward to this week, and the same two players were involved in yet another Congressional hearing. You can
see that conversation here as well, with the critical point being made after about four and a half minutes, where White says some of the same stuff, about the privacy protections, and how even if the SEC used this process it still notifies the subscribers to give them a due process right to protest the subpoena... but also, oddly, seems to claim that the SEC never actually makes use of this process:

Here's the key line this time (the full response is a jumble of half sentences and unfinished thoughts, so it's a bit of a mess):

"While these discussions have been going on, to try to sufficiently balance the privacy and the law enforcement interests, we've not to date to my knowledge proceeded to subpoena the ISPs. But that, I think, is critical authority to be able to maintain -- done in the right way and with sufficient solicitousness and it's very important to the privacy interests which I do think can be balanced.

As I said, if you watch her entire response, it's a complete mess of half-finished thoughts, which seems rather typical of someone trying to sound like they're answering a question but not actually doing so. Later in the same answer, she insists that taking away this authority might take away an important tool.

So, we know that the SEC really wants to keep this tool. But last year it said it was "extremely important" and provided "critical evidence." This year, she's saying that the SEC isn't even using the tool. So, uh, which is it? Is this tool absolutely necessary for critical evidence, or is it not even being used by the SEC?

And, through all of this, the SEC still has not answered the most basic question: why can't it treat email the same way it has to treat paper documents under the 4th Amendment? That is, if it wants the document it can subpoena the end user for those documents. It does not get to route around the end user and subpoena a third party for those documents. So why can't it treat email in the same way?

Permalink | Comments | Email This Story
]]>let's-get-this-straight-now...https://www.techdirt.com/comment_rss.php?sid=20150415/17062430669Wed, 1 Apr 2015 06:20:53 PDTWas It The Same Corrupt Team That Investigated/Stole From Silk Road That Now Subpoenaed Reddit?Mike Masnickhttps://www.techdirt.com/articles/20150331/14390230505/was-it-same-corrupt-team-that-investigatedstole-silk-road-that-now-subpoenaed-reddit.shtml
https://www.techdirt.com/articles/20150331/14390230505/was-it-same-corrupt-team-that-investigatedstole-silk-road-that-now-subpoenaed-reddit.shtmlhad sent a subpoena to Reddit, demanding info on five users who had been posting to the subreddit r/darkmarkets, which (you guessed it!) is where lots of people discuss dark markets like Silk Road and the recently shut down (and all money taken) Evolution. It appears that the subpoenas were trying to track down more information about who was behind Evolution:

Earlier this month, a Baltimore Department of Homeland Security (DHS) Immigration and Customs Enforcement agent sent a subpoena to Reddit demanding that the site turn over a collection of personal data about five users of the r/darknetmarkets forum. The subpoena appears to be the first hint of a federal investigation of the recently defunct massive online market known as Evolution, which sold drugs, weapons, and stolen financial details. All five targets of the subpoena were involved, to varying degrees, in the Reddit discussion of that black market’s abrupt disappearance two weeks ago, in which two top administrators apparently absconded with millions of dollars worth of bitcoin belonging to Evolution’s buyers and sellers.

According to a copy of the subpoena shared with WIRED by one of the forum’s moderators who was named in the document, the DHS seeks information that includes the names, IP addresses, dates and times of site visits as well as other data that Reddit likely doesn’t possess, including the users’ phone numbers and financial data. (Reddit doesn’t even require an email address to sign up.)

For what it's worth, Reddit's privacy policy notes that it does collect IP addresses and holds them and other info for 90 days -- meaning that if any of the users weren't careful, they may have revealed some information about themselves. Though, seriously, if you're deeply involved in a dark market doing illegal things, and then posting publicly to a subreddit without covering your tracks, you're basically asking to be caught.

That said, what struck me most was the fact that this request came from Baltimore. Because right about the same time that Greenberg's story came out, the Justice Department was revealing its criminal complaint against two of the key federal agents involved in the investigation of Silk Road, who (according to the complaint) stole a bunch of money from Silk Road, extorted Silk Road's administrator and also engaged in a bunch of other nefarious actions, including issuing a fake subpoena to Venmo, engaging in civil asset forfeiture against Mt. Gox accounts and discussing other similar activities.

And both of those guys were... based in Baltimore. It's not entirely clear if the two allegedly corrupt federal agents -- Carl Force of the DEA and Shaun Bridges of the Secret Service -- were part of this same Homeland Security investigations team, but it wouldn't be entirely surprising to find out that it was the same team. One hopes that whoever is involved in that investigations team now, isn't doing similar corrupt activities as mentioned in the criminal complaint against Force and Bridges. However, given how those two appeared to abuse their position, and given that there's a high likelihood of the subpoena coming from the same team, it certainly raises some additional questions. And that's not even mentioning the concerns about other corrupt individuals in these investigations, including a Homeland Security agent who went by the name "mr. wonderful."

That's not to say that the subpoena to Reddit is problematic. It may be perfectly legit (though it does appear that at least one of the people that the subpoena was digging into is just Gwern Branwen, a well-known security researcher who insists he has never sold any illegal products on dark market sites). Still, the criminal complaint from earlier this week certainly raises serious questions about any of these fishing expeditions, especially by a team coming out of Baltimore.

Permalink | Comments | Email This Story
]]>questions,-questionshttps://www.techdirt.com/comment_rss.php?sid=20150331/14390230505Tue, 10 Mar 2015 08:09:00 PDTMichigan Attorney General Slaps Reporter With Bogus Subpoenas For Doing Her JobMike Masnickhttps://www.techdirt.com/articles/20150309/16395830263/michigan-attorney-general-slaps-reporter-with-bogus-subpoenas-doing-her-job.shtml
https://www.techdirt.com/articles/20150309/16395830263/michigan-attorney-general-slaps-reporter-with-bogus-subpoenas-doing-her-job.shtmlabuse their position to attack those they dislike. The latest? Michigan Attorney General Bill Schuette. Apparently, he was none too happy that Huffington Post reporter Dana Liebelson was investigating juvenile prison conditions in the state, and had a representative from his office follow her for two hours across the state to slap her with two separate, but equally questionable, subpoenas, demanding all of her notes:

As Liebelson notes on her Twitter feed, she had had permission to visit the prisons, and agreed not to bring in a recording device. She noted that she followed all the rules that she was given for reporting from the prison -- and yet, she immediately gets slapped with a subpoena demanding her notes.

And she wasn't the only one. Another report notes that Schuette alsosent a subpoena to Michigan Radio, demanding its recording of a prisoner/attorney interview.

Of course, after Liebelson's story started getting social media and press attention, Schuette's office quickly backed down, and promised to rescind the subpoenas. The excuse given by his office, to MLive, is absolutely ridiculous:

A spokesperson for Schuette, responding to a request for comment, issued a statement indicating a civil service attorney had been "doing the department's job of defending the state" from lawsuits.

The attorney "followed a common legal procedure" of subpoenaing information from individuals "entering Michigan prisons to speak to prisoners who are suing state taxpayers," said spokesperson Andrea Bitely.

That makes no sense at all. Defending the state from lawsuits should never involve sending reporters subpoenas demanding all of their notes. It's a clear intimidation technique that violates all basic concepts of a free and open press.

Permalink | Comments | Email This Story
]]>abuse-of-powerhttps://www.techdirt.com/comment_rss.php?sid=20150309/16395830263Mon, 9 Feb 2015 13:31:00 PSTMagistrate Judge Shoots Down Government's Attempt To Gag Yahoo Indefinitely Over Grand Jury SubpoenasTim Cushinghttps://www.techdirt.com/articles/20150207/17081029950/magistrate-judge-shoots-down-governments-attempt-to-gag-yahoo-indefinitely-over-grand-jury-subpoenas.shtml
https://www.techdirt.com/articles/20150207/17081029950/magistrate-judge-shoots-down-governments-attempt-to-gag-yahoo-indefinitely-over-grand-jury-subpoenas.shtmlMagistrates' Revolt." Grewal was the magistrate who shot down the government's open-ended request to grab every email in a person's Gmail account and sort through them at its leisure. He was actually the second magistrate to shoot down this request. The government went "judge shopping" after Judge John Facciola told it the scope of the request needed to be narrowed considerably before he would even think about granting it. The government decided it still wanted all the email and traveled across the country to see Judge Grewal… who told them to GTFO without even giving the feds the option to rewrite the request.

Law enforcement cannot indefinitely forbid Yahoo Inc from revealing a grand jury subpoena that seeks subscriber account information, a U.S. judge ruled, because doing so would violate the company’s free speech rights.

U.S. Magistrate Judge Paul Grewal in San Jose, California on Thursday wrote that the government’s request would prohibit Yahoo from disclosing the subpoena, even years after the grand jury concluded its probe. The court order does not disclose the target of the federal investigation.

“In an era of increasing public demand for transparency about the extent of government demands for data from providers like Yahoo!, this cannot stand,” Grewal wrote.

Yahoo has had its fill of government secrecy. It spent a long time fighting both broad subscriber data requests from the NSA and their accompanying 25-year gag orders. Its ardent defense of its subscribers against broad government requests would still be under seal, but thanks to recently declassified documents, it has been able to address the subject publicly -- nearly 18 years before the gag order would have "aged off."

Instead of asking that Yahoo be gagged for 60 or 90 days, the government asked that the company be gagged until further order of the court.

Grewal's rejection points out that the government feels entitled to indefinite gag orders, but has yet to offer any reasons why it should have its wishes granted.

The government did not demonstrate why such an indefinite request was necessary, Grewal wrote.

Judge Grewal has sent the government back to perform a rewrite -- either providing justification for its ridiculous demands, or to request something less illogical, like a finite gag order. The government has availed itself of many judicial rubber stamps over the years, but it looks like it's still running into resistance on both coasts: Paul Grewal in California and John Facciola in Washington D.C.

The ACLU has also been engaged in this fight against government secrecy since early last year, bringing more attention and legal expertise to an issue that hasn't achieved the terminal velocity of mainstream media attention. It's a bit more trench warfare, pitting magistrate judges and amicus briefs against the DOJ's assumption that it should have whatever it asks for, because terrorism, drugs, grand juries or whatever.

Permalink | Comments | Email This Story
]]>checked-and-balancedhttps://www.techdirt.com/comment_rss.php?sid=20150207/17081029950Fri, 21 Nov 2014 14:40:00 PSTIreland Asks EU To Support Microsoft In Legal Battle Involving Competing JurisdictionsGlyn Moodyhttps://www.techdirt.com/articles/20141119/08260029192/ireland-asks-eu-to-support-microsoft-legal-battle-involving-competing-jurisdictions.shtml
https://www.techdirt.com/articles/20141119/08260029192/ireland-asks-eu-to-support-microsoft-legal-battle-involving-competing-jurisdictions.shtmlcase where a US magistrate judge ruled that Microsoft had to comply with a warrant asking for data held on servers in Dublin. Clearly, if this stands, it will have big implications for cloud computing -- and a massive negative impact on US businesses trying to sell such services around the world. For that reason, Microsoft has been fighting back in the courts, so far unsuccessfully.

A case involving Microsoft that is currently before the US courts has raised important issues between the respective legal regimes in the European Union and the United States, particularly in relation to the protection of personal data.

The case in question has given rise to a degree of legal uncertainty and the outcome could have potentially serious implications for data protection in the EU.

By seeking direct access to data held in the EU through the US judicial system, existing legal mechanisms for mutual assistance between jurisdictions may be being effectively bypassed. There are fundamental issues at stake here as regards the protection of personal data that is held within the European Union.

"Existing legal mechanisms" presumably means the Mutual Legal Assistance Treaty that would allow the US to request the data it wants from the Irish government. The "fundamental issues at stake" refer to the fact that by trying to take a more direct route, without involving the Irish government, the US authorities are likely to fall foul of European data protection laws, which do not allow personal data to be handed over in this way. The Irish minister is clearly asking the European Commission to support Microsoft in its fight against the US court's decision:

I urge the Commission to consider the arguments that Microsoft are making with respect to this case.

That's an indication that the Irish government -- and doubtless those elsewhere in the EU -- really want Microsoft to win. If it doesn't, there is going to be a clash of jurisdictions that could get very messy as both US and EU insist that their laws must take precedence, with serious consequences if they don't....

Permalink | Comments | Email This Story
]]>this-could-get-messyhttps://www.techdirt.com/comment_rss.php?sid=20141119/08260029192Tue, 20 May 2014 03:48:32 PDTDC District Court Overrides Judge John Facciola's Orders, Grants DOJ Request For Gag Order On Subpoenaed CompaniesTim Cushinghttps://www.techdirt.com/articles/20140517/13453927272/dc-district-court-overrides-judge-john-facciolas-orders-grants-doj-request-gag-order-subpoenaed-companies.shtml
https://www.techdirt.com/articles/20140517/13453927272/dc-district-court-overrides-judge-john-facciolas-orders-grants-doj-request-gag-order-subpoenaed-companies.shtml
It appears Washington, DC magistrate judge John Facciola is still making the government earn everything it asks for. Facciola is the judge who has been sending the government back to its desk to rewrite overly broad warrants seeking electronic data. In one of these cases, the government decided that it would rather go "judge shopping" all the way across the country rather than narrow its request, but was shot down by a California district court judge.

Facciola's orders are the basis for two memorandums recently issued by DC District Court Judge Richard Roberts concerning a case still mostly under seal as part of federal grand jury investigation. (The government also asked for these to be filed under seal, but that has obviously been declined.)

The government challenges two orders issued by Magistrate Judge John Facciola regarding the government's application for an order under 18 U.S.C. The first order invited Twitter, Inc. to intervene as a respondent and file a notice with the court on whether Twitter intended to be heard on the merits of the government's application. The second order instructed the government to file a public, redacted copy of its application and draft order.

Facciola also issued a similar order for Yahoo, the other company being subpoenaed. Both sets of orders invited the companies to challenge both the gag order preventing them from informing their customer(s) of the government's interest in their data. The government understandably wasn't thrilled with these orders and filed an appeal (of sorts) seeking to have Facciola's orders vacated. The District Court notes that the judicial system -- at this level -- doesn't exactly work this way.

On March 27, 2014, the government filed what it styled as an appeal from the magistrate judge's two orders regarding the government's application for an order under 18 U.S.C. The government moved to vacate the orders issued by the magistrate judge and moved for the district court to grant its application for a nondisclosure order. In addition, the government moved to seal the appeal and resulting order.

This faux pas by the government is explained a bit further in a footnote, as is the judge's rationale for treating this as an "objection," rather than an "appeal."

The government styles its challenge as an appeal, but the reference is a misnomer. With the exception of authority granted by Federal Rule of Criminal Procedure 58 concerning misdemeanor proceedings handled by a magistrate judge under 18 U.S.C. 3401, the district court does not exercise appellate power. See, United States v. Choi, 818 F. Supp. 2d 79, 85 (D.D.C. 2011) ("The magistrate judge is not an inferior court, and the district court does not stand in an appellate capacity over the magistrate.") For the reasons explained below, the government's appeal will be considered as an objection to the magistrate judge's two orders.

Several more pages of judicial rationale follow, pointing out that grand jury deliberations are not subject to transparency and that Facciola erred by suggesting Twitter and Yahoo could either challenge the gag order or inform their customers. Judge Roberts points out that there's very little either company can offer in terms of judging the "merit" of the government's gag order, or the subpoena itself. Further discussions also defer to "government knows best" mentality, suggesting that any notification would "jeopardize" ongoing investigations. That this investigation is tied to a grand jury slams the door shut on any appeal of the gag order.

Because the express terms of 18 U.S.C. 2705(b) and applicable legal precedent governing public access to grand jury proceedings and materials do not support the first order inviting Twitter [and Yahoo] to intervene or the second order instructing the government to file a public, redacted copy of the non-disclosure application, the orders will be vacated.

So, the government gets its win, but it had to put in a little extra paperwork. It hoped these documents would be sealed as well, but you can't win them all, especially when memos in question contain only one redactable sentence each. If this is how the last few months have gone in Facciola's court, it's little wonder the government has been making road trips to other venues.

Permalink | Comments | Email This Story
]]>throwing-a-shoulder-into-the-governmenthttps://www.techdirt.com/comment_rss.php?sid=20140517/13453927272Fri, 2 May 2014 03:33:00 PDTTech Companies Increasingly Telling Users When Law Enforcement Comes Asking For DataMike Masnickhttps://www.techdirt.com/articles/20140501/16204327090/tech-companies-increasingly-telling-users-when-law-enforcement-comes-asking-data.shtml
https://www.techdirt.com/articles/20140501/16204327090/tech-companies-increasingly-telling-users-when-law-enforcement-comes-asking-data.shtmlnot just roll over when law enforcement came asking for user data, even alerting users that law enforcement was seeking their data, and giving them the chance to try to block the requests. Apparently, now a bunch of other big tech companies have started doing the same thing:

Google already routinely notified users of government data requests but adopted an updated policy this week detailing the few situations in which notification is withheld, such as when there is imminent risk of physical harm to a potential crime victim. “We notify users about legal demands when appropriate, unless prohibited by law or court order,” the company said in a statement.

Lawyers at Apple, Facebook and Microsoft are working on their own revisions, company officials said, although the details have not been released. All are moving toward more routinely notifying users, said the companies, which had not previously disclosed these changes.

“Later this month, Apple will update its policies so that in most cases when law enforcement requests personal information about a customer, the customer will receive a notification from Apple,” company spokeswoman Kristin Huguet said.

If you're looking for who to thank about this turn of events, there are two places to point. First: the good folks at EFF. For the past few years, it's been publishing its Who Has Your Back? chart looking at how companies respond to government requests for data. Each year, this list has convinced more and more companies to improve how they protect their users, and how they push back on government requests. And, the reason why so many companies are rushing to change their policies is because the EFF is about to release its latest version. Yet another reason to be happy the EFF exists.

Second, of course, is Ed Snowden. While not entirely directly at issue here -- since things like FISA Court Orders and National Security Letters are subject to gag orders barring companies from telling their users -- the generally heightened interest in government access to information provided to internet services has certainly created a culture where these companies can't get away with just rolling over for the government any more.

Of course, you could argue that it's taken these companies too long to get here -- and that's absolutely true -- but better late than never.

Oh yeah. Guess who's really upset about all of this:

The Justice Department disagrees, saying in a statement that new industry policies threaten investigations and put potential crime victims in greater peril.

“These risks of endangering life, risking destruction of evidence, or allowing suspects to flee or intimidate witnesses are not merely hypothetical, but unfortunately routine,” department spokesman Peter Carr said, citing a case in which early disclosure put at risk a cooperative witness in a case. He declined to offer details because the case was under seal.

Once again, it seems like the DOJ and others think that anything that makes their job harder is somehow wrong. But that's incorrect. The whole point of protecting freedom is that it's supposed to be hard for law enforcement to spy on people and arrest them. That's how it's supposed to work.

Permalink | Comments | Email This Story
]]>good-for-themhttps://www.techdirt.com/comment_rss.php?sid=20140501/16204327090Wed, 23 Apr 2014 09:05:00 PDTWhy Is The DOJ Gagging Twitter And Yahoo Concerning Grand Jury Subpoenas?Mike Masnickhttps://www.techdirt.com/articles/20140421/18063326984/why-is-doj-gagging-twitter-yahoo-concerning-grand-jury-subpoenas.shtml
https://www.techdirt.com/articles/20140421/18063326984/why-is-doj-gagging-twitter-yahoo-concerning-grand-jury-subpoenas.shtmlissued gag orders against Twitter and Yahoo concerning grand jury subpoenas that have been sent to both companies. This case is one we mentioned last week where magistrate judge John Facciola asked the two companies to weigh in, as he appears unconvinced that the government's request is sound. However, the whole thing is happening under seal, which the ACLU feels is inappropriate, given the importance of allowing companies to respond freely to such requests, without being gagged.

The ACLU filed a motion last night seeking to represent the public's interest in open court proceedings when the government seeks gag orders on Internet companies. We know about the three cases only because the magistrate judge pushed back on the government, inviting Yahoo and Twitter to weigh in and ordering the government to make its legal arguments public. The government appealed those orders to a district court, where the judge ordered the appeals sealed. The ACLU is now moving to intervene in the district court for the purpose of opening these gag order proceedings to public scrutiny. In a democracy, if your government is going to gag someone from speaking, it should publicly explain why.

The federal government has an awesome array of tools and technologies in its investigative arsenal, and it often goes to great lengths to shield its tactics from outside scrutiny. Not only does this secrecy prevent people from challenging surveillance used against them, but it also means that elected officials can't openly debate the underlying policies, and communities can't discuss their government's actions.

Traditionally, gag order applications are considered ex parte – meaning with only the government's argument on the record before the court. However, Magistrate Judge Facciola noted that the government's request in this case raised controversial legal questions, and so invited Twitter and Yahoo to respond. (In one case, the government withdrew its gag order application after Judge Facciola invited Twitter's participation.) He also ordered the government file public copies of its gag order applications with limited redactions.

It's good to see at least some pushback on the feds' attempt to get information and to silence companies from saying anything about it. But it's still quite troubling that they seem to assume they have near free rein to do so in the first place. Kudos to the ACLU for stepping in as well, and representing the public interest.

Permalink | Comments | Email This Story
]]>please-explainhttps://www.techdirt.com/comment_rss.php?sid=20140421/18063326984Tue, 22 Apr 2014 13:13:00 PDTChutzpah: John Steele To Court: What, You Think I Would Lie, Cheat And Break The Law? Come On!Mike Masnickhttps://www.techdirt.com/articles/20140422/07205326990/chutzpah-john-steele-to-court-what-you-think-i-would-lie-cheat-break-law-come.shtml
https://www.techdirt.com/articles/20140422/07205326990/chutzpah-john-steele-to-court-what-you-think-i-would-lie-cheat-break-law-come.shtmlPrenda Law over the past few years, one thing has become clear: John Steele really loves the "I know you are, but what am I" form of legal argument, in which whatever he's accused of, he aggressively accuses his accuser of being guilty of the same. It's a sort of faux macho move, in which every attack on him is met with an equally or more aggressive attack. To date, the strategy has failed badly, but it seems that Steele just can't let go of this kind of approach. In the latest round of the Anthony Smith case, Steele appears to be trying on a variant of that aggressive posture, taking on the very serious and direct accusations made against him (including those by multiple federal judges) and mocking them, by asking another court rhetorically, "what, do you really think I'm guilty of all these crazy things?" when the answer to that question may very well be yes.

At issue is the continuing fight over getting Steele and his collaborators, Paul Hansmeier and Paul Duffy, to actually pay up for their abuse of the legal process. Last we checked in on this particular case, the district court was finding them in contempt and piling more onto the money they would need to pay, while the appeals court does not appear to be impressed by Team Prenda's arguments, clearly calling out the "shell games" that Prenda and associated entities were playing.

While aspects of the case have been stayed during the appeal, other aspects are moving forward, including Smith's lawyer continuing to push for discovery on the actual assets of Steele, Hansmeier and Duffy. As you may recall, despite being required to provide such information, they did so in a questionable manner. As Judge David Herndon pointed out:

The Court finds that plaintiff's counsel has not met its burden. They submitted incomplete, and to say the least suspicious, statements of financial condition. Attached to each statement was a letter from their certified public accountant ("CPA"). In these letters, the CPA indicates a departure from generally accepted accounting principles. He further notes that plaintiff's counsel elected to omit substantially all of the disclosures required by generally accepted accounting principles. The Court finds these statements insufficient to establish plaintiff's counsel's inability to pay.

Since then, Smith's lawyer, Jason Sweet of Booth & Sweet, has continued to push for determining the financial position of the three individuals here. There's a sealed document which apparently hints at some shady financial dealings, but it appears to be making Steele very angry. While Paul Duffy filed a pretty empty opposition saying that he has no offshore accounts, Steele went into full on, ultra-aggressive "who me?" defensiveness in response, leading to some incredible statements, considering what multiple courts have already said about them. The classic part has to be this:

For this Court to find any act of Prenda should be attributed to Steele, the Court would have to believe that Steele lied to multiple federal judges without getting caught, committed massive tax fraud without the IRS finding out, and proactively broke into the Illinois Secretary of State’s corporate records database to hide his ownership of Prenda Law, all because of the remote chance that years later a federal judge might sanction Prenda Law for $261,000.

Except... of course, multiple judges have already claimed that Steele and the others have lied, including in this very case. In the original ruling in this case, Judge Patrick Murphy directly called out Steele for lying, saying: "These men have shown a relentless willingness to lie to the Court on paper and in person." He furthermore highlighted how it was quite clear that Steele was directly involved in Prenda, which Steele is now denying yet again. And no one is claiming he hacked into the corporate records database (though, now that he's denied it, it almost makes you wonder...), but that he was clearly in control of Prenda and received much of the money that went into Prenda.

As for the issue of the IRS, well, last we checked, at least one judge, Otis Wright, has referred their conduct to the IRS, and there are at least some indications that an investigation is ongoing. And while no one thinks they set up this shell game specifically to avoid this particular ruling, it's not difficult to see that they did so to try to avoid a series of similar court rulings, after Prenda's initial approach started getting regularly shot down in court.

Steele's response also ratchets up the ridiculous rhetoric in describing the copyright trolling shakedown business, which they copied from a bunch of other firms:

Steele and his partner, Paul Hansmeier (”Hansmeier”) were early pioneers in catching thieves and hackers who engaged in stealing copyrighted works and other computer related misdeeds, including computer hacking and copyright infringement.

Except, of course, they were neither pioneers, nor were they catching "thieves" or "hackers." Rather, by all accounts, they set up a honeypot site, uploaded their own content to it, shared it on file sharing sites, and then used the IP addresses of those who followed the release that they themselves put online, to shake them down with lawsuits and demands for settlement. The evidence on this is fairly overwhelming.

Steele tries to argue away the "oddities" the court noted in the filings made by the CPA they hired this way:

At the hearing, no reference was made to the GAAP, the Generally Accepted Accounting Rules, a set of standards designed for the financial reporting of corporations, not individuals. Steele submitted his financial statement as directed. Steele’s submissions were accurate, and no filing since has disproved any aspect of Steele’s statement

If he thinks that this will get him out of the fact that the CPA "elected to omit substantially all of the disclosures required" I would imagine he's got another thing coming.

Steele, also tries to angrily argue away the infamous Brett Gibbs spreadsheet that revealed the revenue of Prenda Law, and how 70% of it went to both Steele and Hansmeier, who have long denied being associated with that firm. Steele argues that this spreadsheet was made by Gibbs, as opposed to (as Gibbs has noted) made by Prenda and shared with Gibbs via a shared Dropbox account.

It appears that Mr. Gibbs created some accounting sheet of Prenda Law finances for some period of time prior to this case, and thus is irrelevant. Steele has no personal knowledge of Mr. Gibbs’ accounting records, methodology, or how Mr. Gibbs created his documents. According to Mr. Gibbs himself, he doesn’t either, and claims he doesn’t even know how his document came into existence. Such a document hardly comports with the Federal Rules of Civil Procedure governing admissible evidence.

He focuses on the fact that the spreadsheet is not admissible. Of course, his partner, Hansmeier, having argued basically the same thing in the past, has also suggested that the facts of the document are accurate, noting (incorrectly) that the document supports Steele/Hansmeier's position and that it was "stolen."

Related to all of this, Steele appears to still be playing games. In a separate filing, Sweet details how Steele took it upon himself to (incorrectly) inform various parties that Sweet had subpoenaed, that the stay on one part of the case meant those subpoenas were withdrawn as well. Except that they're part of a separate process, which is still ongoing. Sweet asked Steele to confirm that Steele had gone back to those third parties, and admitted that he was wrong in interfering with the discovery process. Steele did not do so, but rather sent one of his snarky emails about how he promises that he "will address your most recent round of subpoenas as appropriate."

It's been a while since Steele has done this kind of thing, but it's the same old John Steele, cocky until the very end, even as all of the evidence is against him. It reminds you of a little kid who has been caught doing something wrong but figures if he just keeps denying it over and over again, buying himself time, there will be some way to get out of it all.

Permalink | Comments | Email This Story
]]>get-crackin'https://www.techdirt.com/comment_rss.php?sid=20140422/07205326990Mon, 21 Apr 2014 13:14:22 PDTLaw School Trustee's Company Chills Critical Speech With Subpoena For Students' Personal EmailsTim Cushinghttps://www.techdirt.com/articles/20140418/18013426963/law-school-trustees-company-chills-critical-speech-with-subpoena-students-personal-emails.shtml
https://www.techdirt.com/articles/20140418/18013426963/law-school-trustees-company-chills-critical-speech-with-subpoena-students-personal-emails.shtml
A New York University trustee has found a way to chill speech critical of him and the companies he owns: subpoena the personal emails of two particularly outspoken opponents.

A New York University Law trustee's company wants two students to hand over their personal emails after they circulated a letter criticizing him, according to a subpoena.

The law students, second-year Luke Herrine and first-year Leo Gertner, were targeted after they helped circulate a letter denouncing NYU Law School trustee Daniel Straus, who owns Care One Management, a home health aide and nursing home company embroiled in a labor dispute.

The two students started a petition asking for the removal of Straus from the Board of Trustees, pointing out that a law school should probably be associated with someone who respects the law, something Straus' companies seem to have trouble doing. His two companies, CareOne and HealthBridge Management, have been cited at least 38 times by the National Labor Relations Board for violating federal labor laws. In addition, HealthBridge was held in contempt of court for refusing to allow 600 workers to return to their jobs at their pre-strike pay levels.

CareOne spokesperson Deborah Maxson said the deadline for the requested information is April 25.

“Straus is not a party to the lawsuit and is not managing the litigation,” Maxson said.

Straus may not be a party to this lawsuit, but these are his companies, and there can be very little doubt that Straus would prefer the ongoing criticism of his business efforts be halted. If CareOne wants to use the excuse that Straus isn't a "party" to this lawsuit, then it needs to extend that same courtesy to the two students, who also aren't a "party" to the ongoing legal fight.

Then there's the content sought by the subpoenas. This, too, mentions Straus directly, even as CareOne claims this has nothing to do with him. According to a letter sent by the Board of Trustees to NYU administration, this is what CareOne is hoping to obtain:

“The subpoenas requested information regarding any contact the students may have had with SEIU and any activity they may have engaged in, such as protests or meetings, relating to Mr. Straus or CareOne...”

If Straus isn't "party" to this lawsuit, why does CareOne need information relating to Straus? Beyond that, the information requested bears all the hallmarks of trying to use the power of the court to silence free speech. Protests and meetings, both activities covered by the First Amendment, are mentioned specifically by the subpoena.

For what it's worth, NYU has stepped up and has provided the students with the pro bono help of one of the school's lawyers. It also issued a very carefully-worded defense of the students, no doubt mindful of Straus' $1.25 million annual endowment.

“The Law School is not a party to the litigation between Care One and SEIU, and will remain uninvolved in it," the school wrote in a statement to DNAinfo New York sent Thursday. "We vigorously support the right of our students to express their views and to organize and participate in lawful demonstrations and other protest activity, at the same time that we acknowledge that parties to litigation are permitted, subject to applicable rules and judicial oversight, to gather evidence in support of their case."

Further statements reiterated NYU's support for its students' rights but also noted it considered Straus to be an "upright and honorable person."

That said, it seems that there is a clear -- and somewhat massive -- conflict of interest for Straus to remain on the board of trustees at NYU Law at the same time he's using the legal process to demand the email contents from two of its students.

Forcing students to turn over emails and other private communications in litigation that does not concern them can chill free speech on campus and make students think twice about raising their voice about controversial issues. This is antithetical to NYU's mission of open academic inquiry and commitment to the public interest.

Rather than address these concerns, Straus is allowing (or directing) his company to shut down his critics by seeking personal communications from non-party NYU students. Straus also has additional leverage with the university should this fail to keep future criticism at bay. Of course, there's always a chance NYU will side with the students and decide that Straus' companies don't really reflect the culture it's trying to instill in its students. But until this all plays out, we're just witnessing the sort of tactics deployed by entities who would rather shut people up than address their concerns.

Permalink | Comments | Email This Story
]]>this-isn't-about-you-but-please-give-us-your-emailshttps://www.techdirt.com/comment_rss.php?sid=20140418/18013426963Wed, 16 Apr 2014 15:42:59 PDTCanadian 'Digital Privacy' Bill Actually Puts Everyone's Privacy At Risk; Will Be A Boon To TrollsMike Masnickhttps://www.techdirt.com/articles/20140414/17452326913/canadian-digital-privacy-bill-actually-puts-everyones-privacy-risk-will-be-boon-to-trolls.shtml
https://www.techdirt.com/articles/20140414/17452326913/canadian-digital-privacy-bill-actually-puts-everyones-privacy-risk-will-be-boon-to-trolls.shtmldangerous new bill in Canada, called the "Digital Privacy Act" (Bill S-4), which will actually serve to undermine many people's privacy. Much of the bill is focused on security breach disclosure rules, something that is important and useful. But, with that are some hidden, and extremely problematic, sections as well.

In light of revelations
that telecom companies and Internet companies already disclose
subscriber information tens of thousands of times every year without
a court order, the immunity provision is enormously problematic. Yet
it pales in comparison to the Digital Privacy Act, which would
expand the possibility of warrantless disclosure to anyone, not just
law enforcement. Bill S-4 proposes that:

"an organization may disclose personal information without the
knowledge or consent of the individual... if the disclosure is
made to another organization and is reasonable for the purposes of
investigating a breach of an agreement or a contravention of the
laws of Canada or a province that has been, is being or is about
to be committed and it is reasonable to expect that disclosure
with the knowledge or consent of the individual would compromise
the investigation;

Unpack the legalese and you find that organizations will be
permitted to disclose personal information without consent (and
without a court order) to any organization that is investigating a
contractual breach or possible violation of any law. This applies
both past breaches or violations as well as potential future
violations. Moreover, the disclosure occurs in secret without the
knowledge of the affected person (who therefore cannot challenge the
disclosure since they are not aware it is happening).

Of particular concern is how this could be a huge boon for copyright trolls, who can get information from ISPs without a court order, by simply claiming that it's for the purpose of "investigating a breach of an agreement or a contravention of the laws of Canada." Similarly, this would put a serious chill on protections for anonymous speech, as claims of defamation or other issues might lead to quick revelations of anonymous commenters, without any role for a Canadian court to balance the interests of free speech and privacy.

It's difficult to see how a bill that is supposed to be about protecting people's privacy actually has this clause that will effectively decimate privacy for many individuals. Industry Canada insists that this provision is narrowly targeted, but Geist highlights how the government rejected much narrower constructions, and seems unable to comprehend how disastrous the current bill will be for Canadians' privacy.

Permalink | Comments | Email This Story
]]>no-anonymityhttps://www.techdirt.com/comment_rss.php?sid=20140414/17452326913Wed, 16 Oct 2013 07:40:17 PDTLavabit Case Shows Why We Need Tech Literate JudgesMike Masnickhttps://www.techdirt.com/articles/20131015/16391524887/lavabit-case-shows-why-we-need-tech-literate-judges.shtml
https://www.techdirt.com/articles/20131015/16391524887/lavabit-case-shows-why-we-need-tech-literate-judges.shtmlLavabit's temporary re-opening for the sake of letting people export their accounts, a much more interesting issue is the recent development in the legal case. Lavabit has filed its latest brief, and there are some interesting discussions about the details of the case. From my reading, Lavabit makes a very strong argument that the government has no right to demand the production of Lavabit's private SSL keys, as it's an overreach way beyond what traditional wiretapping laws allow. Lawyer Orin Kerr's analysis argues that Lavabit's case is weak, mainly arguing that the federal government can subpoena whatever the hell they want, and just because it conflicts with your business model: too bad. Lavabit argues that complying with the government's order is oppressive because it would effectively mean it would be committing fraud on all its customers:

[T]o comply with the government’s subpoena would have either required Lavabit to perpetrate a fraud on its customer base or shut down entirely. That is the key point, and the resulting harm goes far beyond a mere inconvenient search for records. Just as requiring a hotel owner to install glass doors on all its hotel rooms would destroy the hotel’s business, Lavabit cannot exist as an honest company if the government is entitled to take this sort of information in secret. Its relationship with its customers and business partners depends on an assurance that it will not secretly enable the government to monitor all of their communications at all times. If a mere grand jury subpoena can be used to get around that (in secret, no less), then no business—anywhere—can credibly offer its customers a secure email service.

But Kerr points out that this is a "really weak argument":

This strikes me as a really weak argument. Lavabit is essentially claiming that its anti-government business model trumps the subpoena power. That is, it is arguing that the subpoena is “oppressive” precisely because it would work: It would allow the government to conduct the surveillance it is allowed to conduct under the Pen Register statute.

Further, Kerr argues that to accept Lavabit's argument would mean that any company that announces an "ideology or business strategy" that opposes government surveillance could then resist legitimate government subpoenas simply by arguing that they are oppressive and abusive.

I respect Kerr and always look forward to his legal analysis, but I think he's wrong at a variety of levels here, and, tragically the judge in the case seems to have the same confused view of what Lavabit is actually arguing (though, one could argue, that is actually the fault of Lavabit in not making its case clearly). Lawyer Scott Greenfield does a good job explaining why Kerr has mischaracterized Lavabit's defense -- first noting that being pro-privacy is hardly being "anti-government" as Kerr implies. Then pointing out that Lavabit's argument isn't that the government's demand for its private keys was merely oppressive because of its business model, but because it would put Lavabit out of business -- which is not the same thing.

This isn't really a fair characterization of Lavabit's point. Initially, the argument is that revelation of the private key would be the ruination of the business. By exposing every customer to government disclosure, and covert disclosure at that, the government would take a viable business, making money and delivering a service as businesses are allowed to do in America, and destroy it. Poof, company gone. Business gone. Revenue gone. Wham, bam, thank you, Ladar.

But there's an even bigger point in here, which I think Kerr misses entirely, and Greenfield skips over: from a technology standpoint, what the government is demanding of Lavabit is absolutely oppressive and abusive. And, for that, it helps to look at Ed Felten's discussion of the case, in which he notes that the judge and other DOJ supporters in this case (including, it would seem, Kerr) are basically arguing that "If court orders are legitimate, why should we allow engineers to design services that protect users against court-ordered access." But Felten points out that requiring "court ordered access" is tantamount to requiring a massive vulnerability to insider attacks:

To see why, consider two companies, which we’ll call Lavabit and Guavabit. At Lavabit, an employee, on receiving a court order, copies user data and gives it to an outside party—in this case, the government. Meanwhile, over at Guavabit, an employee, on receiving a bribe or extortion threat from a drug cartel, copies user data and gives it to an outside party—in this case, the drug cartel.

From a purely technological standpoint, these two scenarios are exactly the same: an employee copies user data and gives it to an outside party. Only two things are different: the employee’s motivation, and the destination of the data after it leaves the company. Neither of these differences is visible to the company’s technology—it can’t read the employee’s mind to learn the motivation, and it can’t tell where the data will go once it has been extracted from the company’s system. Technical measures that prevent one access scenario will unavoidably prevent the other one.

Insider attacks are a big problem. You might have read about a recent insider attack against the NSA by Edward Snowden. Similar but less spectacular attacks happen all the time, and Lavabit, or any well-run service that holds user data, has good reason to try to control them.

Now, go back to the judge's order or Kerr's analysis, and revisit it with what Felten pointed out, and you realize how far off-base both the Judge and Kerr are in their analyses. Lavabit didn't design its system to be setup the way it was because it was "anti-government," but rather because it wanted to create secure email that protects against a variety of different kinds of attacks, both insider and outsider. That's why it found the government's request so "abusive" and "oppressive." Not because of an ideological disagreement, but rather because of the technological reality that handing over Lavabit's private keys absolutely wrecks any real security of Lavabit's system, which is Lavabit's entire business.

So, while Kerr and the judge in the case seem to think it's a mere ideological issue, that's simply not true. It's a technological issue, on which Lavabit's entire business was based. If Kerr and the judge are correct, then, as Felten properly notes, it becomes effectively illegal to build a really secure communications system. That seems positively ridiculous, especially in a time when we're told (by the very government agency that wants to do all this spying) that we need better online security to protect against attacks.

Permalink | Comments | Email This Story
]]>a-failure-of-knowledgehttps://www.techdirt.com/comment_rss.php?sid=20131015/16391524887Fri, 28 Jun 2013 14:53:37 PDTEven State Courts Getting Skeptical About PrendaMike Masnickhttps://www.techdirt.com/articles/20130627/16270523643/even-state-courts-getting-skeptical-about-prenda.shtml
https://www.techdirt.com/articles/20130627/16270523643/even-state-courts-getting-skeptical-about-prenda.shtmlbig bag of tricks in trying to get contact information associated with IP addresses by any means necessary. Lately, that's meant filing questionable "hacking" (not copyright) cases in state court -- especially in St. Clair County, Illinois, which is currently enmeshed in a giant drug scandal -- where a named defendant is "sued" but the focus is on identifying people associated with a variety of IP addresses named as co-conspirators (but not named as defendants). In one such case, officially for "LW Systems," but involving the same crew of Prenda folks, the court has now put the brakes on the subpoenas, quashing them at the request of various ISPs and John Does associated with the IP addresses.

The "defendant" in this case, Christopher Hubbard is represented by Adam Urbanczyk, who, in previous cases, was accused by the judge of being "in bed together" with Team Prenda, for not opposing any sort of discovery. In an altogether different case, yet with some similarities to the one at hand, a defendant admitted to the court that he had agreed to be a named defendant and take a dive in not opposing discovery as part of his own "settlement."

In this case, the judge, Andrew Gleeson, clearly suspected something was up and said that he wanted to know more about the ownership and control of LW Systems. Gleeson also said that he was aware of Judge Wright's famous order in the Prenda case in California, as well as the Delvan Neville deposition in the First Time Videos case in Florida, which presents an awful lot of evidence that John Steele is uploading the videos himself, and setting them to encourage downloading -- which would certainly call into question what sort of "hacking" went on to access the files.

At the very least, Gleeson has also granted the motions to quash the subpoenas, meaning that "LW Systems" doesn't get the information it's been seeking.

Gleeson said he had questions about the complaint and ownership of plaintiff – LW Systems.

“I think I need to be careful…,” Gleeson said. “This is major litigation that will take years to go through.”

While it's not a resounding push back on Team Prenda, it certainly suggests that one of the few courts in the country that was still a "friendly" home for their cases is now growing skeptical as well.